Skip to content

Instantly share code, notes, and snippets.

@jayswan
Last active August 29, 2015 14:16
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save jayswan/3a7621d909b15c832cfb to your computer and use it in GitHub Desktop.
Save jayswan/3a7621d909b15c832cfb to your computer and use it in GitHub Desktop.
In [142]: d
Out[142]: {'TargetUserName.raw': 'Domain Admins'}
In [143]: tt = Search(using=es,index=i)\
.filter('term',**d).filter('term',EventID=4728)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment